<?php 
header("Content-type: text/html; charset=utf-8;");
require("../../../ppf/fun.php"); 
session_start();  
/*上传缩略图*/
$result=array();
if(!isset($_SESSION['uid'])){
	$result[]=array("ret"=>"err","des"=>"用户未登录");
	echo json_encode($result);
    exit;
}

$dir='/upload/file_fend_attachment/';
$dir_root=$_SERVER['DOCUMENT_ROOT'];	
$upload_attachment=$_FILES['upload_attachment'];
foreach($upload_attachment['name'] as $k=>$fname) 
{
    $attachment_id=mt_rand ();
    if(!is_dir($dir_root.$dir.$attachment_id."/")){
	$re=mkdir($dir_root.$dir.$attachment_id."/",0777,true);
	if(!$re){
		$result[]=array("ret"=>"err","des"=>"没有权限创建目录");
		echo json_encode($result);
	    exit;
	}
}
	$fname=htmlspecialchars($fname,ENT_QUOTES);   
	if ($upload_attachment["error"][$k] > 0){
		$result[]=array("ret"=>"err","des"=>"文件  ".$fname." 上传时出错");
		continue;
	}
	$fsize=$upload_attachment["size"][$k];
	$ftmp_name=$upload_attachment["tmp_name"][$k];
	$ftype=$upload_attachment["type"][$k];
	$fext=".".strtolower(pathinfo($fname, PATHINFO_EXTENSION));
	if(strpos(" .php.js.html.htm.shtml.shtm.css.exe.dll.bat",$fext)){
		$result[]=array("ret"=>"err","des"=>"禁止上传的文件类型 ".$fname);
		continue;
	}
	$microtime=explode(" ",microtime());
    $nname=$microtime[1]+$microtime[0];
	
	//保存文件 
	if (move_uploaded_file($ftmp_name, $dir_root.$dir.$attachment_id."/".$fname)){
		$result[]=array("ret"=>"ok","des"=>"文件 ".$fname." 上传成功","attachment_id"=>$attachment_id,"attachment_name"=>$fname,"save_path"=>$dir.$attachment_id."/".$fname);	
//            $result['attachment_name'].=$fname."*";
//            $result['attachment_id'].=$attachment_id."*";
	}                     
}
echo json_encode($result);